isabelle: doc-src/TutorialI/Inductive/document/Star.tex@6f2731bdba11 (annotated)

10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	1	%
b9fd52525b69 * empty log message * nipkow parents: diff changeset	2	\begin{isabellebody}%
b9fd52525b69 * empty log message * nipkow parents: diff changeset	3	\def\isabellecontext{Star}%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	4	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	5	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	6	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	7	\endisadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	8	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	9	\isatagtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	10	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	11	\endisatagtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	12	{\isafoldtheory}%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	13	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	14	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	15	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	16	\endisadelimtheory
10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	17	%
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	18	\isamarkupsection{The Reflexive Transitive Closure%
10395 7ef380745743 updated; wenzelm parents: 10363 diff changeset	19	}
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	20	\isamarkuptrue%
10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	21	%
b9fd52525b69 * empty log message * nipkow parents: diff changeset	22	\begin{isamarkuptext}%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	23	\label{sec:rtc}
11494 23a118849801 revisions and indexing paulson parents: 11308 diff changeset	24	\index{reflexive transitive closure!defining inductively\|(}%
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	25	An inductive definition may accept parameters, so it can express
b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	26	functions that yield sets.
b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	27	Relations too can be defined inductively, since they are just sets of pairs.
b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	28	A perfect example is the function that maps a relation to its
b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	29	reflexive transitive closure. This concept was already
11147 d848c6693185 * empty log message * nipkow parents: 10950 diff changeset	30	introduced in \S\ref{sec:Relations}, where the operator \isa{\isactrlsup {\isacharasterisk}} was
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	31	defined as a least fixed point because inductive definitions were not yet
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	32	available. But now they are:%
10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	33	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	34	\isamarkuptrue%
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	35	\isacommand{inductive{\isacharunderscore}set}\isamarkupfalse%
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	36	\isanewline
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	37	\ \ rtc\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set{\isachardoublequoteclose}\ \ \ {\isacharparenleft}{\isachardoublequoteopen}{\isacharunderscore}{\isacharasterisk}{\isachardoublequoteclose}\ {\isacharbrackleft}{\isadigit{1}}{\isadigit{0}}{\isadigit{0}}{\isadigit{0}}{\isacharbrackright}\ {\isadigit{9}}{\isadigit{9}}{\isadigit{9}}{\isacharparenright}\isanewline
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	38	\ \ \isakeyword{for}\ r\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set{\isachardoublequoteclose}\isanewline
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	39	\isakeyword{where}\isanewline
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	40	\ \ rtc{\isacharunderscore}refl{\isacharbrackleft}iff{\isacharbrackright}{\isacharcolon}\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}x{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	41	{\isacharbar}\ rtc{\isacharunderscore}step{\isacharcolon}\ \ \ \ \ \ \ {\isachardoublequoteopen}{\isasymlbrakk}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	42	\begin{isamarkuptext}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	43	\noindent
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	44	The function \isa{rtc} is annotated with concrete syntax: instead of
11494 23a118849801 revisions and indexing paulson parents: 11308 diff changeset	45	\isa{rtc\ r} we can write \isa{r{\isacharasterisk}}. The actual definition
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	46	consists of two rules. Reflexivity is obvious and is immediately given the
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	47	\isa{iff} attribute to increase automation. The
10363 6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	48	second rule, \isa{rtc{\isacharunderscore}step}, says that we can always add one more
6e8002c1790e * empty log message * nipkow parents: 10243 diff changeset	49	\isa{r}-step to the left. Although we could make \isa{rtc{\isacharunderscore}step} an
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	50	introduction rule, this is dangerous: the recursion in the second premise
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	51	slows down and may even kill the automatic tactics.
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	52
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	53	The above definition of the concept of reflexive transitive closure may
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	54	be sufficiently intuitive but it is certainly not the only possible one:
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	55	for a start, it does not even mention transitivity.
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	56	The rest of this section is devoted to proving that it is equivalent to
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	57	the standard definition. We start with a simple lemma:%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	58	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	59	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	60	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	61	\ {\isacharbrackleft}intro{\isacharbrackright}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	62	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	63	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	64	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	65	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	66	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	67	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	68	\isacommand{by}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	69	{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isacharunderscore}step{\isacharparenright}%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	70	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	71	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	72	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	73	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	74	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	75	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	76	%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	77	\begin{isamarkuptext}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	78	\noindent
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	79	Although the lemma itself is an unremarkable consequence of the basic rules,
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	80	it has the advantage that it can be declared an introduction rule without the
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	81	danger of killing the automatic tactics because \isa{r{\isacharasterisk}} occurs only in
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	82	the conclusion and not in the premise. Thus some proofs that would otherwise
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	83	need \isa{rtc{\isacharunderscore}step} can now be found automatically. The proof also
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	84	shows that \isa{blast} is able to handle \isa{rtc{\isacharunderscore}step}. But
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	85	some of the other automatic tactics are more sensitive, and even \isa{blast} can be lead astray in the presence of large numbers of rules.
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	86
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	87	To prove transitivity, we need rule induction, i.e.\ theorem
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	88	\isa{rtc{\isachardot}induct}:
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	89	\begin{isabelle}%
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	90	\ \ \ \ \ {\isasymlbrakk}{\isacharparenleft}{\isacharquery}x{\isadigit{1}}{\isachardot}{\isadigit{0}}{\isacharcomma}\ {\isacharquery}x{\isadigit{2}}{\isachardot}{\isadigit{0}}{\isacharparenright}\ {\isasymin}\ {\isacharquery}r{\isacharasterisk}{\isacharsemicolon}\ {\isasymAnd}x{\isachardot}\ {\isacharquery}P\ x\ x{\isacharsemicolon}\isanewline
14379 ea10a8c3e9cf updated links to the old ftp site paulson parents: 13778 diff changeset	91	\isaindent{\ \ \ \ \ \ }{\isasymAnd}x\ y\ z{\isachardot}\ {\isasymlbrakk}{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}\ {\isasymin}\ {\isacharquery}r{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ {\isacharquery}r{\isacharasterisk}{\isacharsemicolon}\ {\isacharquery}P\ y\ z{\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharquery}P\ x\ z{\isasymrbrakk}\isanewline
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	92	\isaindent{\ \ \ \ \ }{\isasymLongrightarrow}\ {\isacharquery}P\ {\isacharquery}x{\isadigit{1}}{\isachardot}{\isadigit{0}}\ {\isacharquery}x{\isadigit{2}}{\isachardot}{\isadigit{0}}%
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	93	\end{isabelle}
23848 ca73e86c22bb updated berghofe parents: 23733 diff changeset	94	It says that \isa{{\isacharquery}P} holds for an arbitrary pair \isa{{\isacharparenleft}{\isacharquery}x{\isadigit{1}}{\isachardot}{\isadigit{0}}{\isacharcomma}\ {\isacharquery}x{\isadigit{2}}{\isachardot}{\isadigit{0}}{\isacharparenright}\ {\isasymin}\ {\isacharquery}r{\isacharasterisk}}
ca73e86c22bb updated berghofe parents: 23733 diff changeset	95	if \isa{{\isacharquery}P} is preserved by all rules of the inductive definition,
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	96	i.e.\ if \isa{{\isacharquery}P} holds for the conclusion provided it holds for the
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	97	premises. In general, rule induction for an $n$-ary inductive relation $R$
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	98	expects a premise of the form $(x@1,\dots,x@n) \in R$.
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	99
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	100	Now we turn to the inductive proof of transitivity:%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	101	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	102	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	103	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	104	\ rtc{\isacharunderscore}trans{\isacharcolon}\ {\isachardoublequoteopen}{\isasymlbrakk}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	105	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	106	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	107	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	108	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	109	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	110	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	111	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	112	{\isacharparenleft}erule\ rtc{\isachardot}induct{\isacharparenright}%
16069 3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	113	\begin{isamarkuptxt}%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	114	\noindent
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	115	Unfortunately, even the base case is a problem:
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	116	\begin{isabelle}%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	117	\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isachardot}\ {\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	118	\end{isabelle}
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	119	We have to abandon this proof attempt.
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	120	To understand what is going on, let us look again at \isa{rtc{\isachardot}induct}.
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	121	In the above application of \isa{erule}, the first premise of
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	122	\isa{rtc{\isachardot}induct} is unified with the first suitable assumption, which
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	123	is \isa{{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}} rather than \isa{{\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}}. Although that
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	124	is what we want, it is merely due to the order in which the assumptions occur
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	125	in the subgoal, which it is not good practice to rely on. As a result,
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	126	\isa{{\isacharquery}xb} becomes \isa{x}, \isa{{\isacharquery}xa} becomes
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	127	\isa{y} and \isa{{\isacharquery}P} becomes \isa{{\isasymlambda}u\ v{\isachardot}\ {\isacharparenleft}u{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}}, thus
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	128	yielding the above subgoal. So what went wrong?
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	129
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	130	When looking at the instantiation of \isa{{\isacharquery}P} we see that it does not
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	131	depend on its second parameter at all. The reason is that in our original
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	132	goal, of the pair \isa{{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}} only \isa{x} appears also in the
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	133	conclusion, but not \isa{y}. Thus our induction statement is too
27190 431f695fc865 updated generated file; wenzelm parents: 23848 diff changeset	134	general. Fortunately, it can easily be specialized:
16069 3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	135	transfer the additional premise \isa{{\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}} into the conclusion:%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	136	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	137	\isamarkuptrue%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	138	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	139	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	140	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	141	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	142	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	143	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	144	\endisadelimproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	145	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	146	\ rtc{\isacharunderscore}trans{\isacharbrackleft}rule{\isacharunderscore}format{\isacharbrackright}{\isacharcolon}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	147	\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	148	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	149	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	150	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	151	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	152	\isatagproof
16069 3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	153	%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	154	\begin{isamarkuptxt}%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	155	\noindent
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	156	This is not an obscure trick but a generally applicable heuristic:
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	157	\begin{quote}\em
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	158	When proving a statement by rule induction on $(x@1,\dots,x@n) \in R$,
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	159	pull all other premises containing any of the $x@i$ into the conclusion
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	160	using $\longrightarrow$.
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	161	\end{quote}
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	162	A similar heuristic for other kinds of inductions is formulated in
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	163	\S\ref{sec:ind-var-in-prems}. The \isa{rule{\isacharunderscore}format} directive turns
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	164	\isa{{\isasymlongrightarrow}} back into \isa{{\isasymLongrightarrow}}: in the end we obtain the original
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	165	statement of our lemma.%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	166	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	167	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	168	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	169	{\isacharparenleft}erule\ rtc{\isachardot}induct{\isacharparenright}%
16069 3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	170	\begin{isamarkuptxt}%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	171	\noindent
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	172	Now induction produces two subgoals which are both proved automatically:
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	173	\begin{isabelle}%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	174	\ {\isadigit{1}}{\isachardot}\ {\isasymAnd}x{\isachardot}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\isanewline
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	175	\ {\isadigit{2}}{\isachardot}\ {\isasymAnd}x\ y\ za{\isachardot}\isanewline
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	176	\isaindent{\ {\isadigit{2}}{\isachardot}\ \ \ \ }{\isasymlbrakk}{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}\ {\isasymin}\ r{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}\ za{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isacharsemicolon}\ {\isacharparenleft}za{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isasymrbrakk}\isanewline
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	177	\isaindent{\ {\isadigit{2}}{\isachardot}\ \ \ \ }{\isasymLongrightarrow}\ {\isacharparenleft}za{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymlongrightarrow}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	178	\end{isabelle}%
3f2a9f400168 * empty log message * nipkow parents: 15614 diff changeset	179	\end{isamarkuptxt}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	180	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	181	\ \isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	182	{\isacharparenleft}blast{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	183	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	184	{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isacharunderscore}step{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	185	\isacommand{done}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	186	%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	187	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	188	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	189	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	190	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	191	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	192	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	193	%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	194	\begin{isamarkuptext}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	195	Let us now prove that \isa{r{\isacharasterisk}} is really the reflexive transitive closure
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	196	of \isa{r}, i.e.\ the least reflexive and transitive
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	197	relation containing \isa{r}. The latter is easily formalized%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	198	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	199	\isamarkuptrue%
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	200	\isacommand{inductive{\isacharunderscore}set}\isamarkupfalse%
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	201	\isanewline
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	202	\ \ rtc{\isadigit{2}}\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set\ {\isasymRightarrow}\ {\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set{\isachardoublequoteclose}\isanewline
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	203	\ \ \isakeyword{for}\ r\ {\isacharcolon}{\isacharcolon}\ {\isachardoublequoteopen}{\isacharparenleft}{\isacharprime}a\ {\isasymtimes}\ {\isacharprime}a{\isacharparenright}set{\isachardoublequoteclose}\isanewline
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	204	\isakeyword{where}\isanewline
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	205	\ \ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r{\isachardoublequoteclose}\isanewline
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	206	{\isacharbar}\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}x{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r{\isachardoublequoteclose}\isanewline
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 17187 diff changeset	207	{\isacharbar}\ {\isachardoublequoteopen}{\isasymlbrakk}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r\ {\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}z{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r{\isachardoublequoteclose}%
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	208	\begin{isamarkuptext}%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	209	\noindent
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	210	and the equivalence of the two definitions is easily shown by the obvious rule
10237 875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	211	inductions:%
875bf54b5d74 * empty log message * nipkow parents: 10225 diff changeset	212	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	213	\isamarkuptrue%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	214	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	215	\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isachardoublequoteclose}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	216	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	217	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	218	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	219	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	220	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	221	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	222	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	223	{\isacharparenleft}erule\ rtc{\isadigit{2}}{\isachardot}induct{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	224	\ \ \isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	225	{\isacharparenleft}blast{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	226	\ \isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	227	{\isacharparenleft}blast{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	228	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	229	{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isacharunderscore}trans{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	230	\isacommand{done}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	231	%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	232	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	233	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	234	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	235	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	236	\isanewline
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	237	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	238	\endisadelimproof
15481 fc075ae929e4 the new subst tactic, by Lucas Dixon paulson parents: 14379 diff changeset	239	\isanewline
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	240	\isacommand{lemma}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	241	\ {\isachardoublequoteopen}{\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}y{\isacharparenright}\ {\isasymin}\ rtc{\isadigit{2}}\ r{\isachardoublequoteclose}\isanewline
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	242	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	243	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	244	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	245	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	246	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	247	\isatagproof
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	248	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	249	{\isacharparenleft}erule\ rtc{\isachardot}induct{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	250	\ \isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	251	{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isadigit{2}}{\isachardot}intros{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	252	\isacommand{apply}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	253	{\isacharparenleft}blast\ intro{\isacharcolon}\ rtc{\isadigit{2}}{\isachardot}intros{\isacharparenright}\isanewline
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	254	\isacommand{done}\isamarkupfalse%
1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	255	%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	256	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	257	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	258	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	259	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	260	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	261	\endisadelimproof
11866 fbd097aec213 updated; wenzelm parents: 11494 diff changeset	262	%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	263	\begin{isamarkuptext}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	264	So why did we start with the first definition? Because it is simpler. It
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	265	contains only two rules, and the single step rule is simpler than
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	266	transitivity. As a consequence, \isa{rtc{\isachardot}induct} is simpler than
10878 b254d5ad6dd4 auto update paulson parents: 10696 diff changeset	267	\isa{rtc{\isadigit{2}}{\isachardot}induct}. Since inductive proofs are hard enough
11147 d848c6693185 * empty log message * nipkow parents: 10950 diff changeset	268	anyway, we should always pick the simplest induction schema available.
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	269	Hence \isa{rtc} is the definition of choice.
11494 23a118849801 revisions and indexing paulson parents: 11308 diff changeset	270	\index{reflexive transitive closure!defining inductively\|)}
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	271
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	272	\begin{exercise}\label{ex:converse-rtc-step}
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	273	Show that the converse of \isa{rtc{\isacharunderscore}step} also holds:
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	274	\begin{isabelle}%
10696 76d7f6c9a14c * empty log message * nipkow parents: 10668 diff changeset	275	\ \ \ \ \ {\isasymlbrakk}{\isacharparenleft}x{\isacharcomma}\ y{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}{\isacharsemicolon}\ {\isacharparenleft}y{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isasymrbrakk}\ {\isasymLongrightarrow}\ {\isacharparenleft}x{\isacharcomma}\ z{\isacharparenright}\ {\isasymin}\ r{\isacharasterisk}%
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	276	\end{isabelle}
10520 bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	277	\end{exercise}
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	278	\begin{exercise}
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	279	Repeat the development of this section, but starting with a definition of
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	280	\isa{rtc} where \isa{rtc{\isacharunderscore}step} is replaced by its converse as shown
bb9dfcc87951 * empty log message * nipkow parents: 10396 diff changeset	281	in exercise~\ref{ex:converse-rtc-step}.
10242 028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	282	\end{exercise}%
028f54cd2cc9 * empty log message * nipkow parents: 10237 diff changeset	283	\end{isamarkuptext}%
17175 1eced27ee0e1 updated; wenzelm parents: 17056 diff changeset	284	\isamarkuptrue%
17056 05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	285	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	286	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	287	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	288	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	289	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	290	\isatagproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	291	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	292	\endisatagproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	293	{\isafoldproof}%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	294	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	295	\isadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	296	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	297	\endisadelimproof
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	298	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	299	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	300	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	301	\endisadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	302	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	303	\isatagtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	304	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	305	\endisatagtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	306	{\isafoldtheory}%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	307	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	308	\isadelimtheory
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	309	%
05fc32a23b8b updated; wenzelm parents: 16069 diff changeset	310	\endisadelimtheory
10225 b9fd52525b69 * empty log message * nipkow parents: diff changeset	311	\end{isabellebody}%
b9fd52525b69 * empty log message * nipkow parents: diff changeset	312	%%% Local Variables:
b9fd52525b69 * empty log message * nipkow parents: diff changeset	313	%%% mode: latex
b9fd52525b69 * empty log message * nipkow parents: diff changeset	314	%%% TeX-master: "root"
b9fd52525b69 * empty log message * nipkow parents: diff changeset	315	%%% End:

author	wenzelm
	Sat, 22 May 2010 20:02:26 +0200
changeset 37060	6f2731bdba11
parent 27190	431f695fc865
child 40406	313a24b66a8d
permissions	-rw-r--r--